1. You want syslog events 430001 (Snort IPS alerts)? My scenario was FirePower services for ASA, not FTD.
Answer: Add a logging host to your intrusion policy pointing to your CSSP appliance.
2. You want syslog events sent for file and malware?
Answer: Add another line in the rsyslog.d/1-ips file on your CSSP specifying 430005. You can copy the line with 430001 and change the second line from 430001 to 430005. Adjust your FMC access control policy in the logging tab, adding the checkbox for file and malware. Add your CSSP server as the receiver.
3. You want Security Intelligence events sent to CSSP?
Answer: Change your current syslog entry in DNS, URL, and IP security intelligence section of your access control policy pointing the logging to your CSSP server. You will need to add another entry into your CSSP server rsyslog.d/1-ips file to include these messages. Create an additional line copying the line with 430001 but changing the number to 430002.
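A quick way to confirm the three steps above took effect, added here as an example and not part of the original post: it reports which of the three message IDs have no active line in the filter file and how many messages with each ID have arrived. The function names, the sample filter syntax and the sample log lines are constructed for illustration; pass the paths of your own rsyslog.d/1-ips file and received-log file instead.

```shell
#!/bin/sh
# Message IDs named in the post:
#   430001 = Snort IPS alerts, 430005 = file and malware,
#   430002 = Security Intelligence
REQUIRED_IDS="430001 430005 430002"

# Print the required IDs that have no active (non-comment) line in the
# filter file given as $1. Empty output means all three are present.
missing_ids() {
    mi_missing=""
    for mi_id in $REQUIRED_IDS; do
        # Skip commented lines and match the ID as a whole number only.
        if ! grep -v '^[[:space:]]*#' "$1" |
             grep -Eq "(^|[^0-9])${mi_id}([^0-9]|\$)"; then
            mi_missing="$mi_missing $mi_id"
        fi
    done
    echo "${mi_missing# }"
}

# Print how many lines in log file $2 carry message ID $1.
count_received() {
    grep -Ec "(^|[^0-9])$1([^0-9]|\$)" "$2" || true
}

# Constructed sample files (assumed syntax, not the real CSSP contents).
demo_rules=$(mktemp)
demo_log=$(mktemp)
cat > "$demo_rules" <<'EOF'
# constructed filter lines; the real 1-ips syntax may differ
:msg, contains, "430001" /var/log/example-ips.log
#:msg, contains, "430005" /var/log/example-ips.log
EOF
cat > "$demo_log" <<'EOF'
Jan 01 00:00:01 sensor1 constructed message 430001: intrusion event
Jan 01 00:00:02 sensor1 constructed message 430001: intrusion event
EOF

echo "no filter line for: $(missing_ids "$demo_rules")"
for demo_id in $REQUIRED_IDS; do
    echo "$demo_id received: $(count_received "$demo_id" "$demo_log")"
done
rm -f "$demo_rules" "$demo_log"
```

An ID that has a filter line but a received count of zero points at the policy side (the logging host or checkbox was not saved and deployed) rather than at the rsyslog file.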